npm - @rogue-security/sdk - Versions diffs - 1.0.0 - Mend

@rogue-security/sdk 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,101 @@
+# @rogue-security/sdk
+Official TypeScript SDK for the [Rogue Security](https://rogue.security) AppSec evaluation API.
+Wraps the two public AppSec methods, `evaluate` (inline checks) and `invoke` (saved
+guardrail), with full typing, typed errors, automatic retries (via `async-retry`), and
+debug logging. Runs in Node 18+, Bun, and edge runtimes.
+> **Server-side only.** The SDK authenticates with a long-lived `rsk_` API key. Never
+> bundle it into browser/frontend code, where it would be exposed to end users. Call the
+> SDK from your backend, or proxy requests through a server you control.
+## Install
+```bash
+npm install @rogue-security/sdk
+# or: bun add @rogue-security/sdk
+```
+## Quickstart
+```ts
+import { RogueClient } from "@rogue-security/sdk";
+const rogue = new RogueClient({ apiKey: process.env.ROGUE_API_KEY });
+const result = await rogue.evaluate({
+  messages: [
+    { role: "user", content: "What is the patient's SSN?" },
+    { role: "assistant", content: "It is 123-45-6789." },
+  ],
+  piiCheck: true,
+  promptInjections: true,
+});
+console.log(result.status, result.score);
+for (const group of result.evaluationResults) {
+  for (const r of group.results) {
+    if (r.flagged) console.log(group.type, r.label, r.reason);
+  }
+}
+```
+`apiKey` falls back to the `ROGUE_API_KEY` environment variable if omitted.
+### Invoke a saved guardrail
+```ts
+const result = await rogue.invoke({
+  guardrailId: "gr_abc123",
+  messages: [
+    { role: "user", content: userPrompt },
+    { role: "assistant", content: modelResponse },
+  ],
+});
+if (result.blocked) {
+  // the guardrail's workspace is set to block and the evaluation failed
+}
+```
+## Error handling
+Every non-2xx maps to a typed error subclass of `RogueError`:
+```ts
+import { RogueAuthError, RogueValidationError, RogueError } from "@rogue-security/sdk";
+try {
+  await rogue.evaluate({ piiCheck: true });
+} catch (err) {
+  if (err instanceof RogueAuthError) { /* bad / missing key */ }
+  else if (err instanceof RogueValidationError) { /* 422, e.g. no checks enabled */ }
+  else if (err instanceof RogueError) { console.error(err.status, err.message); }
+}
+```
+`RogueServerError` (5xx) and rate limits (429) and network/timeout failures are retried
+automatically (default 2 retries, exponential backoff with jitter).
+## Options
+```ts
+new RogueClient({
+  apiKey: "rsk_...",
+  baseUrl: "http://localhost:8006", // local dev; defaults to production
+  timeoutMs: 30000,
+  maxRetries: 2,
+  debug: true,                       // or "verbose" to log bodies; env: ROGUE_DEBUG=1
+});
+```
+## Local development
+```bash
+bun install
+bun run build
+bun run test
+```
+More: see [`../docs`](../docs) for the full API reference, check descriptions, and examples.

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,260 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  RogueAuthError: () => RogueAuthError,
+  RogueClient: () => RogueClient,
+  RogueConnectionError: () => RogueConnectionError,
+  RogueError: () => RogueError,
+  RogueNotFoundError: () => RogueNotFoundError,
+  RogueServerError: () => RogueServerError,
+  RogueTimeoutError: () => RogueTimeoutError,
+  RogueValidationError: () => RogueValidationError
+});
+module.exports = __toCommonJS(index_exports);
+// src/client.ts
+var import_async_retry = __toESM(require("async-retry"), 1);
+// src/errors.ts
+var RogueError = class extends Error {
+  /** HTTP status, or null for transport-level failures (timeout, connection). */
+  status;
+  /** Parsed response body, when one was received. */
+  body;
+  /** Value of the `x-request-id` response header, when present. */
+  requestId;
+  constructor(message, opts = {}) {
+    super(message, opts.cause !== void 0 ? { cause: opts.cause } : void 0);
+    this.name = this.constructor.name;
+    this.status = opts.status ?? null;
+    this.body = opts.body;
+    this.requestId = opts.requestId;
+  }
+};
+var RogueAuthError = class extends RogueError {
+};
+var RogueNotFoundError = class extends RogueError {
+};
+var RogueValidationError = class extends RogueError {
+};
+var RogueServerError = class extends RogueError {
+};
+var RogueTimeoutError = class extends RogueError {
+};
+var RogueConnectionError = class extends RogueError {
+};
+async function errorFromResponse(res) {
+  const requestId = res.headers.get("x-request-id") ?? void 0;
+  let body;
+  let message = `Rogue API error (status ${res.status})`;
+  try {
+    body = await res.json();
+    if (body && typeof body === "object" && "error" in body && typeof body.error === "string") {
+      message = body.error;
+    }
+  } catch {
+  }
+  const opts = { status: res.status, body, requestId };
+  if (res.status === 401) return new RogueAuthError(message, opts);
+  if (res.status === 404) return new RogueNotFoundError(message, opts);
+  if (res.status === 422) return new RogueValidationError(message, opts);
+  if (res.status >= 500) return new RogueServerError(message, opts);
+  return new RogueError(message, opts);
+}
+// src/debug.ts
+var API_KEY_HEADER = "x-rogue-api-key";
+function redactHeaders(headers) {
+  const out = {};
+  for (const [k, v] of Object.entries(headers)) {
+    out[k] = k.toLowerCase() === API_KEY_HEADER ? "***" : v;
+  }
+  return out;
+}
+var DebugLogger = class {
+  constructor(mode, logger) {
+    this.mode = mode;
+    this.logger = logger;
+  }
+  mode;
+  logger;
+  get enabled() {
+    return this.mode !== false;
+  }
+  get verbose() {
+    return this.mode === "verbose";
+  }
+  log(message, fields) {
+    if (this.enabled) this.logger.debug(`[rogue] ${message}`, fields);
+  }
+};
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.rogue.security";
+var EVALUATE_PATH = "/api/v1/evaluation/evaluate";
+var INVOKE_PATH = "/api/v1/evaluation/invoke";
+function envVar(name) {
+  return typeof process !== "undefined" ? process.env?.[name] : void 0;
+}
+function resolveDebugMode(option) {
+  if (option !== void 0) return option;
+  const env = envVar("ROGUE_DEBUG");
+  if (env === "verbose") return "verbose";
+  return env ? true : false;
+}
+var camelToSnake = (key) => key.replace(/[A-Z]/g, (c) => `_${c.toLowerCase()}`);
+var snakeToCamel = (key) => key.replace(/_([a-z])/g, (_, c) => c.toUpperCase());
+var OPAQUE_KEYS = /* @__PURE__ */ new Set(["metadata", "parameters", "arguments"]);
+function convertKeys(value, convert) {
+  if (Array.isArray(value)) return value.map((v) => convertKeys(v, convert));
+  if (value && typeof value === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(value)) {
+      if (v === void 0) continue;
+      out[convert(k)] = OPAQUE_KEYS.has(k) ? v : convertKeys(v, convert);
+    }
+    return out;
+  }
+  return value;
+}
+var RogueClient = class {
+  apiKey;
+  baseUrl;
+  timeoutMs;
+  maxRetries;
+  fetchFn;
+  debug;
+  constructor(options = {}) {
+    const apiKey = options.apiKey ?? envVar("ROGUE_API_KEY");
+    if (!apiKey) {
+      throw new RogueError(
+        "Missing API key. Pass { apiKey } or set the ROGUE_API_KEY environment variable."
+      );
+    }
+    this.apiKey = apiKey;
+    this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+    this.timeoutMs = options.timeoutMs ?? 3e4;
+    this.maxRetries = options.maxRetries ?? 2;
+    if (options.fetch) {
+      this.fetchFn = options.fetch;
+    } else if (globalThis.fetch) {
+      this.fetchFn = globalThis.fetch.bind(globalThis);
+    } else {
+      throw new RogueError("No global fetch available. Pass a fetch implementation via { fetch }.");
+    }
+    this.debug = new DebugLogger(resolveDebugMode(options.debug), options.logger ?? console);
+  }
+  /** Run an inline evaluation. At least one check must be enabled. */
+  evaluate(params) {
+    return this.request(EVALUATE_PATH, params);
+  }
+  /** Run a saved guardrail's evaluation by id. */
+  invoke(params) {
+    return this.request(INVOKE_PATH, params);
+  }
+  request(path, params) {
+    const url = `${this.baseUrl}${path}`;
+    const body = JSON.stringify(convertKeys(params, camelToSnake));
+    const headers = {
+      "content-type": "application/json",
+      "x-rogue-api-key": this.apiKey
+    };
+    return (0, import_async_retry.default)(
+      async (bail, attemptNumber) => {
+        const attempt = attemptNumber - 1;
+        const started = Date.now();
+        if (this.debug.enabled) {
+          this.debug.log("request", {
+            method: "POST",
+            url,
+            attempt,
+            headers: redactHeaders(headers),
+            ...this.debug.verbose ? { body } : {}
+          });
+        }
+        let res;
+        try {
+          res = await this.fetchWithTimeout(url, { method: "POST", headers, body });
+        } catch (err2) {
+          const transportErr = this.toTransportError(err2);
+          this.debug.log("transport-error", { attempt, message: transportErr.message });
+          throw transportErr;
+        }
+        this.debug.log("response", { status: res.status, latencyMs: Date.now() - started, attempt });
+        if (res.ok) {
+          const json = await res.json();
+          return convertKeys(json, snakeToCamel);
+        }
+        const err = await errorFromResponse(res);
+        if (res.status === 429 || res.status >= 500) throw err;
+        bail(err);
+        throw err;
+      },
+      {
+        retries: this.maxRetries,
+        factor: 2,
+        minTimeout: 200,
+        maxTimeout: 5e3,
+        randomize: true
+      }
+    );
+  }
+  async fetchWithTimeout(url, init) {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), this.timeoutMs);
+    try {
+      return await this.fetchFn(url, { ...init, signal: controller.signal });
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  toTransportError(err) {
+    const isAbort = err instanceof Error && err.name === "AbortError";
+    if (isAbort) {
+      return new RogueTimeoutError(`Request timed out after ${this.timeoutMs}ms`, { cause: err });
+    }
+    const message = err instanceof Error ? err.message : "Network request failed";
+    return new RogueConnectionError(message, { cause: err });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  RogueAuthError,
+  RogueClient,
+  RogueConnectionError,
+  RogueError,
+  RogueNotFoundError,
+  RogueServerError,
+  RogueTimeoutError,
+  RogueValidationError
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/client.ts","../src/errors.ts","../src/debug.ts"],"sourcesContent":["export { RogueClient } from \"./client\";\nexport type { RogueClientOptions } from \"./client\";\nexport {\n RogueError,\n RogueAuthError,\n RogueNotFoundError,\n RogueValidationError,\n RogueServerError,\n RogueTimeoutError,\n RogueConnectionError,\n} from \"./errors\";\nexport type { Logger, DebugMode } from \"./debug\";\nexport type {\n Mode,\n EvaluationTarget,\n Tool,\n ToolCall,\n Message,\n EvaluateParams,\n InvokeParams,\n EvaluationDetailResult,\n EvaluationResult,\n EvaluationResponse,\n} from \"./types\";\n","import retry from \"async-retry\";\nimport {\n RogueConnectionError,\n RogueError,\n RogueTimeoutError,\n errorFromResponse,\n} from \"./errors\";\nimport { DebugLogger, redactHeaders, type DebugMode, type Logger } from \"./debug\";\nimport type { EvaluateParams, EvaluationResponse, InvokeParams } from \"./types\";\n\n/** Default production base URL. Override via {@link RogueClientOptions.baseUrl} for local dev. */\nconst DEFAULT_BASE_URL = \"https://api.rogue.security\";\nconst EVALUATE_PATH = \"/api/v1/evaluation/evaluate\";\nconst INVOKE_PATH = \"/api/v1/evaluation/invoke\";\n\ntype FetchFn = typeof fetch;\n\nexport interface RogueClientOptions {\n /** `rsk_`-prefixed API key. Falls back to `ROGUE_API_KEY` env var. */\n apiKey?: string;\n /** Defaults to the production API. Use `http://localhost:8006` for local dev. */\n baseUrl?: string;\n /** Per-request timeout in milliseconds. Default 30000. */\n timeoutMs?: number;\n /** Max automatic retries on 429/5xx/network errors. Default 2. */\n maxRetries?: number;\n /** Inject a custom fetch (testing, proxies). Defaults to global `fetch`. */\n fetch?: FetchFn;\n /** Enable debug logging. `true` logs request lines; `\"verbose\"` also logs bodies. Env: `ROGUE_DEBUG`. */\n debug?: DebugMode;\n /** Logger for debug output. Defaults to `console`. */\n logger?: Logger;\n}\n\nfunction envVar(name: string): string | undefined {\n // Guarded for browser/edge runtimes where `process` is absent.\n return typeof process !== \"undefined\" ? process.env?.[name] : undefined;\n}\n\nfunction resolveDebugMode(option: DebugMode | undefined): DebugMode {\n if (option !== undefined) return option;\n const env = envVar(\"ROGUE_DEBUG\");\n if (env === \"verbose\") return \"verbose\";\n return env ? true : false;\n}\n\nconst camelToSnake = (key: string): string => key.replace(/[A-Z]/g, (c) => `_${c.toLowerCase()}`);\nconst snakeToCamel = (key: string): string => key.replace(/_([a-z])/g, (_, c: string) => c.toUpperCase());\n\n// Keys whose VALUES are opaque user/tool data: arbitrary metadata, JSON-schema tool\n// parameters, and tool-call arguments. Their nested keys must reach the API byte-for-byte,\n// so we rename the key itself (identity for these single words) but never recurse into them.\nconst OPAQUE_KEYS = new Set([\"metadata\", \"parameters\", \"arguments\"]);\n\n/**\n * Deep-convert object keys, dropping `undefined` values. Arrays/primitives pass through.\n * Values under {@link OPAQUE_KEYS} are copied verbatim so customer-defined keys survive.\n */\nfunction convertKeys(value: unknown, convert: (k: string) => string): unknown {\n if (Array.isArray(value)) return value.map((v) => convertKeys(v, convert));\n if (value && typeof value === \"object\") {\n const out: Record<string, unknown> = {};\n for (const [k, v] of Object.entries(value)) {\n if (v === undefined) continue;\n out[convert(k)] = OPAQUE_KEYS.has(k) ? v : convertKeys(v, convert);\n }\n return out;\n }\n return value;\n}\n\nexport class RogueClient {\n private readonly apiKey: string;\n private readonly baseUrl: string;\n private readonly timeoutMs: number;\n private readonly maxRetries: number;\n private readonly fetchFn: FetchFn;\n private readonly debug: DebugLogger;\n\n constructor(options: RogueClientOptions = {}) {\n const apiKey = options.apiKey ?? envVar(\"ROGUE_API_KEY\");\n if (!apiKey) {\n throw new RogueError(\n \"Missing API key. Pass { apiKey } or set the ROGUE_API_KEY environment variable.\",\n );\n }\n this.apiKey = apiKey;\n this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n this.timeoutMs = options.timeoutMs ?? 30000;\n this.maxRetries = options.maxRetries ?? 2;\n if (options.fetch) {\n this.fetchFn = options.fetch;\n } else if (globalThis.fetch) {\n // Native fetch must be called with `this` === the global, or browsers/edge\n // runtimes throw \"Illegal invocation\". Bind it once here.\n this.fetchFn = globalThis.fetch.bind(globalThis);\n } else {\n throw new RogueError(\"No global fetch available. Pass a fetch implementation via { fetch }.\");\n }\n this.debug = new DebugLogger(resolveDebugMode(options.debug), options.logger ?? console);\n }\n\n /** Run an inline evaluation. At least one check must be enabled. */\n evaluate(params: EvaluateParams): Promise<EvaluationResponse> {\n return this.request(EVALUATE_PATH, params);\n }\n\n /** Run a saved guardrail's evaluation by id. */\n invoke(params: InvokeParams): Promise<EvaluationResponse> {\n return this.request(INVOKE_PATH, params);\n }\n\n private request(path: string, params: object): Promise<EvaluationResponse> {\n const url = `${this.baseUrl}${path}`;\n const body = JSON.stringify(convertKeys(params, camelToSnake));\n const headers = {\n \"content-type\": \"application/json\",\n \"x-rogue-api-key\": this.apiKey,\n };\n\n // async-retry: throw to retry (transient), bail() to stop (deterministic 4xx).\n return retry<EvaluationResponse>(\n async (bail, attemptNumber) => {\n const attempt = attemptNumber - 1; // async-retry counts from 1\n const started = Date.now();\n if (this.debug.enabled) {\n this.debug.log(\"request\", {\n method: \"POST\",\n url,\n attempt,\n headers: redactHeaders(headers),\n ...(this.debug.verbose ? { body } : {}),\n });\n }\n\n let res: Response;\n try {\n res = await this.fetchWithTimeout(url, { method: \"POST\", headers, body });\n } catch (err) {\n // Transport faults (timeout/connection) are retryable: throw to retry.\n const transportErr = this.toTransportError(err);\n this.debug.log(\"transport-error\", { attempt, message: transportErr.message });\n throw transportErr;\n }\n\n this.debug.log(\"response\", { status: res.status, latencyMs: Date.now() - started, attempt });\n\n if (res.ok) {\n const json = await res.json();\n return convertKeys(json, snakeToCamel) as EvaluationResponse;\n }\n\n const err = await errorFromResponse(res);\n // Retry only transient server / rate-limit failures; 4xx are deterministic.\n if (res.status === 429 || res.status >= 500) throw err;\n bail(err);\n throw err; // unreachable after bail(); satisfies the type checker\n },\n {\n retries: this.maxRetries,\n factor: 2,\n minTimeout: 200,\n maxTimeout: 5000,\n randomize: true,\n },\n );\n }\n\n private async fetchWithTimeout(url: string, init: RequestInit): Promise<Response> {\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), this.timeoutMs);\n try {\n return await this.fetchFn(url, { ...init, signal: controller.signal });\n } finally {\n clearTimeout(timer);\n }\n }\n\n private toTransportError(err: unknown): RogueError {\n const isAbort = err instanceof Error && err.name === \"AbortError\";\n if (isAbort) {\n return new RogueTimeoutError(`Request timed out after ${this.timeoutMs}ms`, { cause: err });\n }\n const message = err instanceof Error ? err.message : \"Network request failed\";\n return new RogueConnectionError(message, { cause: err });\n }\n}\n","/** Base class for every error thrown by the SDK. Catch this to handle them all. */\nexport class RogueError extends Error {\n /** HTTP status, or null for transport-level failures (timeout, connection). */\n readonly status: number | null;\n /** Parsed response body, when one was received. */\n readonly body: unknown;\n /** Value of the `x-request-id` response header, when present. */\n readonly requestId?: string;\n\n constructor(\n message: string,\n opts: { status?: number | null; body?: unknown; requestId?: string; cause?: unknown } = {},\n ) {\n super(message, opts.cause !== undefined ? { cause: opts.cause } : undefined);\n this.name = this.constructor.name;\n this.status = opts.status ?? null;\n this.body = opts.body;\n this.requestId = opts.requestId;\n }\n}\n\n/** 401 — missing or invalid API key. */\nexport class RogueAuthError extends RogueError {}\n/** 404 — guardrail / evaluation not found (invoke). */\nexport class RogueNotFoundError extends RogueError {}\n/** 422 — invalid request (e.g. no checks enabled). */\nexport class RogueValidationError extends RogueError {}\n/** 5xx — server-side failure. Retried automatically up to maxRetries. */\nexport class RogueServerError extends RogueError {}\n/** Request exceeded the configured timeout. */\nexport class RogueTimeoutError extends RogueError {}\n/** Network-level failure (DNS, connection refused, etc.). */\nexport class RogueConnectionError extends RogueError {}\n\n/** Build the right error subclass from a non-2xx response. */\nexport async function errorFromResponse(res: Response): Promise<RogueError> {\n const requestId = res.headers.get(\"x-request-id\") ?? undefined;\n let body: unknown;\n let message = `Rogue API error (status ${res.status})`;\n try {\n body = await res.json();\n if (body && typeof body === \"object\" && \"error\" in body && typeof body.error === \"string\") {\n message = body.error;\n }\n } catch {\n // Non-JSON body; keep the default message.\n }\n const opts = { status: res.status, body, requestId };\n if (res.status === 401) return new RogueAuthError(message, opts);\n if (res.status === 404) return new RogueNotFoundError(message, opts);\n if (res.status === 422) return new RogueValidationError(message, opts);\n if (res.status >= 500) return new RogueServerError(message, opts);\n return new RogueError(message, opts);\n}\n","/** Minimal pluggable logger. `console` satisfies this. */\nexport interface Logger {\n debug(message: string, ...args: unknown[]): void;\n}\n\nexport type DebugMode = boolean | \"verbose\";\n\nconst API_KEY_HEADER = \"x-rogue-api-key\";\n\n/** Mask the API key so it never lands in logs. */\nexport function redactHeaders(headers: Record<string, string>): Record<string, string> {\n const out: Record<string, string> = {};\n for (const [k, v] of Object.entries(headers)) {\n out[k] = k.toLowerCase() === API_KEY_HEADER ? \"***\" : v;\n }\n return out;\n}\n\nexport class DebugLogger {\n constructor(\n private readonly mode: DebugMode,\n private readonly logger: Logger,\n ) {}\n\n get enabled(): boolean {\n return this.mode !== false;\n }\n\n get verbose(): boolean {\n return this.mode === \"verbose\";\n }\n\n log(message: string, fields: Record<string, unknown>): void {\n if (this.enabled) this.logger.debug(`[rogue] ${message}`, fields);\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,yBAAkB;;;ACCX,IAAM,aAAN,cAAyB,MAAM;AAAA;AAAA,EAE3B;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA,EAET,YACE,SACA,OAAwF,CAAC,GACzF;AACA,UAAM,SAAS,KAAK,UAAU,SAAY,EAAE,OAAO,KAAK,MAAM,IAAI,MAAS;AAC3E,SAAK,OAAO,KAAK,YAAY;AAC7B,SAAK,SAAS,KAAK,UAAU;AAC7B,SAAK,OAAO,KAAK;AACjB,SAAK,YAAY,KAAK;AAAA,EACxB;AACF;AAGO,IAAM,iBAAN,cAA6B,WAAW;AAAC;AAEzC,IAAM,qBAAN,cAAiC,WAAW;AAAC;AAE7C,IAAM,uBAAN,cAAmC,WAAW;AAAC;AAE/C,IAAM,mBAAN,cAA+B,WAAW;AAAC;AAE3C,IAAM,oBAAN,cAAgC,WAAW;AAAC;AAE5C,IAAM,uBAAN,cAAmC,WAAW;AAAC;AAGtD,eAAsB,kBAAkB,KAAoC;AAC1E,QAAM,YAAY,IAAI,QAAQ,IAAI,cAAc,KAAK;AACrD,MAAI;AACJ,MAAI,UAAU,2BAA2B,IAAI,MAAM;AACnD,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AACtB,QAAI,QAAQ,OAAO,SAAS,YAAY,WAAW,QAAQ,OAAO,KAAK,UAAU,UAAU;AACzF,gBAAU,KAAK;AAAA,IACjB;AAAA,EACF,QAAQ;AAAA,EAER;AACA,QAAM,OAAO,EAAE,QAAQ,IAAI,QAAQ,MAAM,UAAU;AACnD,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,eAAe,SAAS,IAAI;AAC/D,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,mBAAmB,SAAS,IAAI;AACnE,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,qBAAqB,SAAS,IAAI;AACrE,MAAI,IAAI,UAAU,IAAK,QAAO,IAAI,iBAAiB,SAAS,IAAI;AAChE,SAAO,IAAI,WAAW,SAAS,IAAI;AACrC;;;AC9CA,IAAM,iBAAiB;AAGhB,SAAS,cAAc,SAAyD;AACrF,QAAM,MAA8B,CAAC;AACrC,aAAW,CAAC,GAAG,CAAC,KAAK,OAAO,QAAQ,OAAO,GAAG;AAC5C,QAAI,CAAC,IAAI,EAAE,YAAY,MAAM,iBAAiB,QAAQ;AAAA,EACxD;AACA,SAAO;AACT;AAEO,IAAM,cAAN,MAAkB;AAAA,EACvB,YACmB,MACA,QACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAFgB;AAAA,EACA;AAAA,EAGnB,IAAI,UAAmB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,IAAI,UAAmB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,IAAI,SAAiB,QAAuC;AAC1D,QAAI,KAAK,QAAS,MAAK,OAAO,MAAM,WAAW,OAAO,IAAI,MAAM;AAAA,EAClE;AACF;;;AFxBA,IAAM,mBAAmB;AACzB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AAqBpB,SAAS,OAAO,MAAkC;AAEhD,SAAO,OAAO,YAAY,cAAc,QAAQ,MAAM,IAAI,IAAI;AAChE;AAEA,SAAS,iBAAiB,QAA0C;AAClE,MAAI,WAAW,OAAW,QAAO;AACjC,QAAM,MAAM,OAAO,aAAa;AAChC,MAAI,QAAQ,UAAW,QAAO;AAC9B,SAAO,MAAM,OAAO;AACtB;AAEA,IAAM,eAAe,CAAC,QAAwB,IAAI,QAAQ,UAAU,CAAC,MAAM,IAAI,EAAE,YAAY,CAAC,EAAE;AAChG,IAAM,eAAe,CAAC,QAAwB,IAAI,QAAQ,aAAa,CAAC,GAAG,MAAc,EAAE,YAAY,CAAC;AAKxG,IAAM,cAAc,oBAAI,IAAI,CAAC,YAAY,cAAc,WAAW,CAAC;AAMnE,SAAS,YAAY,OAAgB,SAAyC;AAC5E,MAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,MAAM,YAAY,GAAG,OAAO,CAAC;AACzE,MAAI,SAAS,OAAO,UAAU,UAAU;AACtC,UAAM,MAA+B,CAAC;AACtC,eAAW,CAAC,GAAG,CAAC,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC1C,UAAI,MAAM,OAAW;AACrB,UAAI,QAAQ,CAAC,CAAC,IAAI,YAAY,IAAI,CAAC,IAAI,IAAI,YAAY,GAAG,OAAO;AAAA,IACnE;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEO,IAAM,cAAN,MAAkB;AAAA,EACN;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,UAA8B,CAAC,GAAG;AAC5C,UAAM,SAAS,QAAQ,UAAU,OAAO,eAAe;AACvD,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,SAAK,SAAS;AACd,SAAK,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACtE,SAAK,YAAY,QAAQ,aAAa;AACtC,SAAK,aAAa,QAAQ,cAAc;AACxC,QAAI,QAAQ,OAAO;AACjB,WAAK,UAAU,QAAQ;AAAA,IACzB,WAAW,WAAW,OAAO;AAG3B,WAAK,UAAU,WAAW,MAAM,KAAK,UAAU;AAAA,IACjD,OAAO;AACL,YAAM,IAAI,WAAW,uEAAuE;AAAA,IAC9F;AACA,SAAK,QAAQ,IAAI,YAAY,iBAAiB,QAAQ,KAAK,GAAG,QAAQ,UAAU,OAAO;AAAA,EACzF;AAAA;AAAA,EAGA,SAAS,QAAqD;AAC5D,WAAO,KAAK,QAAQ,eAAe,MAAM;AAAA,EAC3C;AAAA;AAAA,EAGA,OAAO,QAAmD;AACxD,WAAO,KAAK,QAAQ,aAAa,MAAM;AAAA,EACzC;AAAA,EAEQ,QAAQ,MAAc,QAA6C;AACzE,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI;AAClC,UAAM,OAAO,KAAK,UAAU,YAAY,QAAQ,YAAY,CAAC;AAC7D,UAAM,UAAU;AAAA,MACd,gBAAgB;AAAA,MAChB,mBAAmB,KAAK;AAAA,IAC1B;AAGA,eAAO,mBAAAA;AAAA,MACL,OAAO,MAAM,kBAAkB;AAC7B,cAAM,UAAU,gBAAgB;AAChC,cAAM,UAAU,KAAK,IAAI;AACzB,YAAI,KAAK,MAAM,SAAS;AACtB,eAAK,MAAM,IAAI,WAAW;AAAA,YACxB,QAAQ;AAAA,YACR;AAAA,YACA;AAAA,YACA,SAAS,cAAc,OAAO;AAAA,YAC9B,GAAI,KAAK,MAAM,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA,UACvC,CAAC;AAAA,QACH;AAEA,YAAI;AACJ,YAAI;AACF,gBAAM,MAAM,KAAK,iBAAiB,KAAK,EAAE,QAAQ,QAAQ,SAAS,KAAK,CAAC;AAAA,QAC1E,SAASC,MAAK;AAEZ,gBAAM,eAAe,KAAK,iBAAiBA,IAAG;AAC9C,eAAK,MAAM,IAAI,mBAAmB,EAAE,SAAS,SAAS,aAAa,QAAQ,CAAC;AAC5E,gBAAM;AAAA,QACR;AAEA,aAAK,MAAM,IAAI,YAAY,EAAE,QAAQ,IAAI,QAAQ,WAAW,KAAK,IAAI,IAAI,SAAS,QAAQ,CAAC;AAE3F,YAAI,IAAI,IAAI;AACV,gBAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,iBAAO,YAAY,MAAM,YAAY;AAAA,QACvC;AAEA,cAAM,MAAM,MAAM,kBAAkB,GAAG;AAEvC,YAAI,IAAI,WAAW,OAAO,IAAI,UAAU,IAAK,OAAM;AACnD,aAAK,GAAG;AACR,cAAM;AAAA,MACR;AAAA,MACA;AAAA,QACE,SAAS,KAAK;AAAA,QACd,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,YAAY;AAAA,QACZ,WAAW;AAAA,MACb;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,KAAa,MAAsC;AAChF,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,SAAS;AACjE,QAAI;AACF,aAAO,MAAM,KAAK,QAAQ,KAAK,EAAE,GAAG,MAAM,QAAQ,WAAW,OAAO,CAAC;AAAA,IACvE,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,UAAU,eAAe,SAAS,IAAI,SAAS;AACrD,QAAI,SAAS;AACX,aAAO,IAAI,kBAAkB,2BAA2B,KAAK,SAAS,MAAM,EAAE,OAAO,IAAI,CAAC;AAAA,IAC5F;AACA,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,WAAO,IAAI,qBAAqB,SAAS,EAAE,OAAO,IAAI,CAAC;AAAA,EACzD;AACF;","names":["retry","err"]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,168 @@
+/** Minimal pluggable logger. `console` satisfies this. */
+interface Logger {
+    debug(message: string, ...args: unknown[]): void;
+}
+type DebugMode = boolean | "verbose";
+/**
+ * Public types for the Rogue Security AppSec API.
+ *
+ * The SDK surface is camelCase; the wire protocol is snake_case. Conversion
+ * happens at the transport boundary (see client.ts), so consumers never touch
+ * snake_case.
+ */
+type Mode = "speed" | "balanced" | "quality";
+/** Target for policy / topic-scoping checks. */
+type EvaluationTarget = "input" | "output" | "both";
+interface Tool {
+    name: string;
+    description?: string;
+    parameters?: Record<string, unknown>;
+}
+interface ToolCall {
+    id?: string;
+    type?: string;
+    function: {
+        name: string;
+        arguments: unknown;
+    };
+}
+interface Message {
+    role: string;
+    content?: string;
+    toolCalls?: ToolCall[];
+}
+/** Fields shared by `evaluate` and `invoke`. */
+interface CommonParams {
+    /**
+     * Canonical conversation to evaluate, e.g.
+     * `[{ role: "user", content: "..." }, { role: "assistant", content: "..." }]`.
+     */
+    messages: Message[];
+    availableTools?: Tool[];
+    /** Arbitrary string-valued tags stored alongside the evaluation. */
+    metadata?: Record<string, string>;
+}
+/**
+ * Inline evaluation. At least one check must be enabled or the API returns 422
+ * ({@link RogueValidationError}).
+ */
+interface EvaluateParams extends CommonParams {
+    hallucinationsCheck?: boolean;
+    hallucinationsMode?: Mode;
+    groundingCheck?: boolean;
+    groundingMode?: Mode;
+    groundingMultiTurnMode?: boolean;
+    assertions?: string[];
+    assertionsMode?: Mode;
+    policyTarget?: EvaluationTarget;
+    policyMultiTurnMode?: boolean;
+    policyIncludeTools?: boolean;
+    piiCheck?: boolean;
+    promptInjections?: boolean;
+    contentModerationCheck?: boolean;
+    toolUseQualityCheck?: boolean;
+    tuqMode?: Mode;
+    allowedTopics?: string[];
+    topicScopingMode?: Mode;
+    topicScopingTarget?: EvaluationTarget;
+    topicScopingMultiTurnMode?: boolean;
+    codingAgentSecurityCheck?: boolean;
+    codingAgentSecurityMode?: Mode;
+}
+/** Run a saved guardrail's evaluation by its id. */
+interface InvokeParams extends CommonParams {
+    guardrailId: string;
+}
+interface EvaluationDetailResult {
+    name: string;
+    score: number;
+    label: string;
+    confidenceScore: number;
+    reason: string;
+    quote?: string;
+    flagged: boolean;
+    data?: string;
+}
+interface EvaluationResult {
+    type: string;
+    results: EvaluationDetailResult[];
+}
+interface EvaluationResponse {
+    /** "success" | "failed" and similar. */
+    status: string;
+    score: number | null;
+    evaluationResults: EvaluationResult[];
+    /** Present only on `invoke`: true when the guardrail is set to block and the evaluation failed. */
+    blocked?: boolean;
+}
+type FetchFn = typeof fetch;
+interface RogueClientOptions {
+    /** `rsk_`-prefixed API key. Falls back to `ROGUE_API_KEY` env var. */
+    apiKey?: string;
+    /** Defaults to the production API. Use `http://localhost:8006` for local dev. */
+    baseUrl?: string;
+    /** Per-request timeout in milliseconds. Default 30000. */
+    timeoutMs?: number;
+    /** Max automatic retries on 429/5xx/network errors. Default 2. */
+    maxRetries?: number;
+    /** Inject a custom fetch (testing, proxies). Defaults to global `fetch`. */
+    fetch?: FetchFn;
+    /** Enable debug logging. `true` logs request lines; `"verbose"` also logs bodies. Env: `ROGUE_DEBUG`. */
+    debug?: DebugMode;
+    /** Logger for debug output. Defaults to `console`. */
+    logger?: Logger;
+}
+declare class RogueClient {
+    private readonly apiKey;
+    private readonly baseUrl;
+    private readonly timeoutMs;
+    private readonly maxRetries;
+    private readonly fetchFn;
+    private readonly debug;
+    constructor(options?: RogueClientOptions);
+    /** Run an inline evaluation. At least one check must be enabled. */
+    evaluate(params: EvaluateParams): Promise<EvaluationResponse>;
+    /** Run a saved guardrail's evaluation by id. */
+    invoke(params: InvokeParams): Promise<EvaluationResponse>;
+    private request;
+    private fetchWithTimeout;
+    private toTransportError;
+}
+/** Base class for every error thrown by the SDK. Catch this to handle them all. */
+declare class RogueError extends Error {
+    /** HTTP status, or null for transport-level failures (timeout, connection). */
+    readonly status: number | null;
+    /** Parsed response body, when one was received. */
+    readonly body: unknown;
+    /** Value of the `x-request-id` response header, when present. */
+    readonly requestId?: string;
+    constructor(message: string, opts?: {
+        status?: number | null;
+        body?: unknown;
+        requestId?: string;
+        cause?: unknown;
+    });
+}
+/** 401 — missing or invalid API key. */
+declare class RogueAuthError extends RogueError {
+}
+/** 404 — guardrail / evaluation not found (invoke). */
+declare class RogueNotFoundError extends RogueError {
+}
+/** 422 — invalid request (e.g. no checks enabled). */
+declare class RogueValidationError extends RogueError {
+}
+/** 5xx — server-side failure. Retried automatically up to maxRetries. */
+declare class RogueServerError extends RogueError {
+}
+/** Request exceeded the configured timeout. */
+declare class RogueTimeoutError extends RogueError {
+}
+/** Network-level failure (DNS, connection refused, etc.). */
+declare class RogueConnectionError extends RogueError {
+}
+export { type DebugMode, type EvaluateParams, type EvaluationDetailResult, type EvaluationResponse, type EvaluationResult, type EvaluationTarget, type InvokeParams, type Logger, type Message, type Mode, RogueAuthError, RogueClient, type RogueClientOptions, RogueConnectionError, RogueError, RogueNotFoundError, RogueServerError, RogueTimeoutError, RogueValidationError, type Tool, type ToolCall };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,168 @@
+/** Minimal pluggable logger. `console` satisfies this. */
+interface Logger {
+    debug(message: string, ...args: unknown[]): void;
+}
+type DebugMode = boolean | "verbose";
+/**
+ * Public types for the Rogue Security AppSec API.
+ *
+ * The SDK surface is camelCase; the wire protocol is snake_case. Conversion
+ * happens at the transport boundary (see client.ts), so consumers never touch
+ * snake_case.
+ */
+type Mode = "speed" | "balanced" | "quality";
+/** Target for policy / topic-scoping checks. */
+type EvaluationTarget = "input" | "output" | "both";
+interface Tool {
+    name: string;
+    description?: string;
+    parameters?: Record<string, unknown>;
+}
+interface ToolCall {
+    id?: string;
+    type?: string;
+    function: {
+        name: string;
+        arguments: unknown;
+    };
+}
+interface Message {
+    role: string;
+    content?: string;
+    toolCalls?: ToolCall[];
+}
+/** Fields shared by `evaluate` and `invoke`. */
+interface CommonParams {
+    /**
+     * Canonical conversation to evaluate, e.g.
+     * `[{ role: "user", content: "..." }, { role: "assistant", content: "..." }]`.
+     */
+    messages: Message[];
+    availableTools?: Tool[];
+    /** Arbitrary string-valued tags stored alongside the evaluation. */
+    metadata?: Record<string, string>;
+}
+/**
+ * Inline evaluation. At least one check must be enabled or the API returns 422
+ * ({@link RogueValidationError}).
+ */
+interface EvaluateParams extends CommonParams {
+    hallucinationsCheck?: boolean;
+    hallucinationsMode?: Mode;
+    groundingCheck?: boolean;
+    groundingMode?: Mode;
+    groundingMultiTurnMode?: boolean;
+    assertions?: string[];
+    assertionsMode?: Mode;
+    policyTarget?: EvaluationTarget;
+    policyMultiTurnMode?: boolean;
+    policyIncludeTools?: boolean;
+    piiCheck?: boolean;
+    promptInjections?: boolean;
+    contentModerationCheck?: boolean;
+    toolUseQualityCheck?: boolean;
+    tuqMode?: Mode;
+    allowedTopics?: string[];
+    topicScopingMode?: Mode;
+    topicScopingTarget?: EvaluationTarget;
+    topicScopingMultiTurnMode?: boolean;
+    codingAgentSecurityCheck?: boolean;
+    codingAgentSecurityMode?: Mode;
+}
+/** Run a saved guardrail's evaluation by its id. */
+interface InvokeParams extends CommonParams {
+    guardrailId: string;
+}
+interface EvaluationDetailResult {
+    name: string;
+    score: number;
+    label: string;
+    confidenceScore: number;
+    reason: string;
+    quote?: string;
+    flagged: boolean;
+    data?: string;
+}
+interface EvaluationResult {
+    type: string;
+    results: EvaluationDetailResult[];
+}
+interface EvaluationResponse {
+    /** "success" | "failed" and similar. */
+    status: string;
+    score: number | null;
+    evaluationResults: EvaluationResult[];
+    /** Present only on `invoke`: true when the guardrail is set to block and the evaluation failed. */
+    blocked?: boolean;
+}
+type FetchFn = typeof fetch;
+interface RogueClientOptions {
+    /** `rsk_`-prefixed API key. Falls back to `ROGUE_API_KEY` env var. */
+    apiKey?: string;
+    /** Defaults to the production API. Use `http://localhost:8006` for local dev. */
+    baseUrl?: string;
+    /** Per-request timeout in milliseconds. Default 30000. */
+    timeoutMs?: number;
+    /** Max automatic retries on 429/5xx/network errors. Default 2. */
+    maxRetries?: number;
+    /** Inject a custom fetch (testing, proxies). Defaults to global `fetch`. */
+    fetch?: FetchFn;
+    /** Enable debug logging. `true` logs request lines; `"verbose"` also logs bodies. Env: `ROGUE_DEBUG`. */
+    debug?: DebugMode;
+    /** Logger for debug output. Defaults to `console`. */
+    logger?: Logger;
+}
+declare class RogueClient {
+    private readonly apiKey;
+    private readonly baseUrl;
+    private readonly timeoutMs;
+    private readonly maxRetries;
+    private readonly fetchFn;
+    private readonly debug;
+    constructor(options?: RogueClientOptions);
+    /** Run an inline evaluation. At least one check must be enabled. */
+    evaluate(params: EvaluateParams): Promise<EvaluationResponse>;
+    /** Run a saved guardrail's evaluation by id. */
+    invoke(params: InvokeParams): Promise<EvaluationResponse>;
+    private request;
+    private fetchWithTimeout;
+    private toTransportError;
+}
+/** Base class for every error thrown by the SDK. Catch this to handle them all. */
+declare class RogueError extends Error {
+    /** HTTP status, or null for transport-level failures (timeout, connection). */
+    readonly status: number | null;
+    /** Parsed response body, when one was received. */
+    readonly body: unknown;
+    /** Value of the `x-request-id` response header, when present. */
+    readonly requestId?: string;
+    constructor(message: string, opts?: {
+        status?: number | null;
+        body?: unknown;
+        requestId?: string;
+        cause?: unknown;
+    });
+}
+/** 401 — missing or invalid API key. */
+declare class RogueAuthError extends RogueError {
+}
+/** 404 — guardrail / evaluation not found (invoke). */
+declare class RogueNotFoundError extends RogueError {
+}
+/** 422 — invalid request (e.g. no checks enabled). */
+declare class RogueValidationError extends RogueError {
+}
+/** 5xx — server-side failure. Retried automatically up to maxRetries. */
+declare class RogueServerError extends RogueError {
+}
+/** Request exceeded the configured timeout. */
+declare class RogueTimeoutError extends RogueError {
+}
+/** Network-level failure (DNS, connection refused, etc.). */
+declare class RogueConnectionError extends RogueError {
+}
+export { type DebugMode, type EvaluateParams, type EvaluationDetailResult, type EvaluationResponse, type EvaluationResult, type EvaluationTarget, type InvokeParams, type Logger, type Message, type Mode, RogueAuthError, RogueClient, type RogueClientOptions, RogueConnectionError, RogueError, RogueNotFoundError, RogueServerError, RogueTimeoutError, RogueValidationError, type Tool, type ToolCall };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,216 @@
+// src/client.ts
+import retry from "async-retry";
+// src/errors.ts
+var RogueError = class extends Error {
+  /** HTTP status, or null for transport-level failures (timeout, connection). */
+  status;
+  /** Parsed response body, when one was received. */
+  body;
+  /** Value of the `x-request-id` response header, when present. */
+  requestId;
+  constructor(message, opts = {}) {
+    super(message, opts.cause !== void 0 ? { cause: opts.cause } : void 0);
+    this.name = this.constructor.name;
+    this.status = opts.status ?? null;
+    this.body = opts.body;
+    this.requestId = opts.requestId;
+  }
+};
+var RogueAuthError = class extends RogueError {
+};
+var RogueNotFoundError = class extends RogueError {
+};
+var RogueValidationError = class extends RogueError {
+};
+var RogueServerError = class extends RogueError {
+};
+var RogueTimeoutError = class extends RogueError {
+};
+var RogueConnectionError = class extends RogueError {
+};
+async function errorFromResponse(res) {
+  const requestId = res.headers.get("x-request-id") ?? void 0;
+  let body;
+  let message = `Rogue API error (status ${res.status})`;
+  try {
+    body = await res.json();
+    if (body && typeof body === "object" && "error" in body && typeof body.error === "string") {
+      message = body.error;
+    }
+  } catch {
+  }
+  const opts = { status: res.status, body, requestId };
+  if (res.status === 401) return new RogueAuthError(message, opts);
+  if (res.status === 404) return new RogueNotFoundError(message, opts);
+  if (res.status === 422) return new RogueValidationError(message, opts);
+  if (res.status >= 500) return new RogueServerError(message, opts);
+  return new RogueError(message, opts);
+}
+// src/debug.ts
+var API_KEY_HEADER = "x-rogue-api-key";
+function redactHeaders(headers) {
+  const out = {};
+  for (const [k, v] of Object.entries(headers)) {
+    out[k] = k.toLowerCase() === API_KEY_HEADER ? "***" : v;
+  }
+  return out;
+}
+var DebugLogger = class {
+  constructor(mode, logger) {
+    this.mode = mode;
+    this.logger = logger;
+  }
+  mode;
+  logger;
+  get enabled() {
+    return this.mode !== false;
+  }
+  get verbose() {
+    return this.mode === "verbose";
+  }
+  log(message, fields) {
+    if (this.enabled) this.logger.debug(`[rogue] ${message}`, fields);
+  }
+};
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.rogue.security";
+var EVALUATE_PATH = "/api/v1/evaluation/evaluate";
+var INVOKE_PATH = "/api/v1/evaluation/invoke";
+function envVar(name) {
+  return typeof process !== "undefined" ? process.env?.[name] : void 0;
+}
+function resolveDebugMode(option) {
+  if (option !== void 0) return option;
+  const env = envVar("ROGUE_DEBUG");
+  if (env === "verbose") return "verbose";
+  return env ? true : false;
+}
+var camelToSnake = (key) => key.replace(/[A-Z]/g, (c) => `_${c.toLowerCase()}`);
+var snakeToCamel = (key) => key.replace(/_([a-z])/g, (_, c) => c.toUpperCase());
+var OPAQUE_KEYS = /* @__PURE__ */ new Set(["metadata", "parameters", "arguments"]);
+function convertKeys(value, convert) {
+  if (Array.isArray(value)) return value.map((v) => convertKeys(v, convert));
+  if (value && typeof value === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(value)) {
+      if (v === void 0) continue;
+      out[convert(k)] = OPAQUE_KEYS.has(k) ? v : convertKeys(v, convert);
+    }
+    return out;
+  }
+  return value;
+}
+var RogueClient = class {
+  apiKey;
+  baseUrl;
+  timeoutMs;
+  maxRetries;
+  fetchFn;
+  debug;
+  constructor(options = {}) {
+    const apiKey = options.apiKey ?? envVar("ROGUE_API_KEY");
+    if (!apiKey) {
+      throw new RogueError(
+        "Missing API key. Pass { apiKey } or set the ROGUE_API_KEY environment variable."
+      );
+    }
+    this.apiKey = apiKey;
+    this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+    this.timeoutMs = options.timeoutMs ?? 3e4;
+    this.maxRetries = options.maxRetries ?? 2;
+    if (options.fetch) {
+      this.fetchFn = options.fetch;
+    } else if (globalThis.fetch) {
+      this.fetchFn = globalThis.fetch.bind(globalThis);
+    } else {
+      throw new RogueError("No global fetch available. Pass a fetch implementation via { fetch }.");
+    }
+    this.debug = new DebugLogger(resolveDebugMode(options.debug), options.logger ?? console);
+  }
+  /** Run an inline evaluation. At least one check must be enabled. */
+  evaluate(params) {
+    return this.request(EVALUATE_PATH, params);
+  }
+  /** Run a saved guardrail's evaluation by id. */
+  invoke(params) {
+    return this.request(INVOKE_PATH, params);
+  }
+  request(path, params) {
+    const url = `${this.baseUrl}${path}`;
+    const body = JSON.stringify(convertKeys(params, camelToSnake));
+    const headers = {
+      "content-type": "application/json",
+      "x-rogue-api-key": this.apiKey
+    };
+    return retry(
+      async (bail, attemptNumber) => {
+        const attempt = attemptNumber - 1;
+        const started = Date.now();
+        if (this.debug.enabled) {
+          this.debug.log("request", {
+            method: "POST",
+            url,
+            attempt,
+            headers: redactHeaders(headers),
+            ...this.debug.verbose ? { body } : {}
+          });
+        }
+        let res;
+        try {
+          res = await this.fetchWithTimeout(url, { method: "POST", headers, body });
+        } catch (err2) {
+          const transportErr = this.toTransportError(err2);
+          this.debug.log("transport-error", { attempt, message: transportErr.message });
+          throw transportErr;
+        }
+        this.debug.log("response", { status: res.status, latencyMs: Date.now() - started, attempt });
+        if (res.ok) {
+          const json = await res.json();
+          return convertKeys(json, snakeToCamel);
+        }
+        const err = await errorFromResponse(res);
+        if (res.status === 429 || res.status >= 500) throw err;
+        bail(err);
+        throw err;
+      },
+      {
+        retries: this.maxRetries,
+        factor: 2,
+        minTimeout: 200,
+        maxTimeout: 5e3,
+        randomize: true
+      }
+    );
+  }
+  async fetchWithTimeout(url, init) {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), this.timeoutMs);
+    try {
+      return await this.fetchFn(url, { ...init, signal: controller.signal });
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  toTransportError(err) {
+    const isAbort = err instanceof Error && err.name === "AbortError";
+    if (isAbort) {
+      return new RogueTimeoutError(`Request timed out after ${this.timeoutMs}ms`, { cause: err });
+    }
+    const message = err instanceof Error ? err.message : "Network request failed";
+    return new RogueConnectionError(message, { cause: err });
+  }
+};
+export {
+  RogueAuthError,
+  RogueClient,
+  RogueConnectionError,
+  RogueError,
+  RogueNotFoundError,
+  RogueServerError,
+  RogueTimeoutError,
+  RogueValidationError
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/client.ts","../src/errors.ts","../src/debug.ts"],"sourcesContent":["import retry from \"async-retry\";\nimport {\n RogueConnectionError,\n RogueError,\n RogueTimeoutError,\n errorFromResponse,\n} from \"./errors\";\nimport { DebugLogger, redactHeaders, type DebugMode, type Logger } from \"./debug\";\nimport type { EvaluateParams, EvaluationResponse, InvokeParams } from \"./types\";\n\n/** Default production base URL. Override via {@link RogueClientOptions.baseUrl} for local dev. */\nconst DEFAULT_BASE_URL = \"https://api.rogue.security\";\nconst EVALUATE_PATH = \"/api/v1/evaluation/evaluate\";\nconst INVOKE_PATH = \"/api/v1/evaluation/invoke\";\n\ntype FetchFn = typeof fetch;\n\nexport interface RogueClientOptions {\n /** `rsk_`-prefixed API key. Falls back to `ROGUE_API_KEY` env var. */\n apiKey?: string;\n /** Defaults to the production API. Use `http://localhost:8006` for local dev. */\n baseUrl?: string;\n /** Per-request timeout in milliseconds. Default 30000. */\n timeoutMs?: number;\n /** Max automatic retries on 429/5xx/network errors. Default 2. */\n maxRetries?: number;\n /** Inject a custom fetch (testing, proxies). Defaults to global `fetch`. */\n fetch?: FetchFn;\n /** Enable debug logging. `true` logs request lines; `\"verbose\"` also logs bodies. Env: `ROGUE_DEBUG`. */\n debug?: DebugMode;\n /** Logger for debug output. Defaults to `console`. */\n logger?: Logger;\n}\n\nfunction envVar(name: string): string | undefined {\n // Guarded for browser/edge runtimes where `process` is absent.\n return typeof process !== \"undefined\" ? process.env?.[name] : undefined;\n}\n\nfunction resolveDebugMode(option: DebugMode | undefined): DebugMode {\n if (option !== undefined) return option;\n const env = envVar(\"ROGUE_DEBUG\");\n if (env === \"verbose\") return \"verbose\";\n return env ? true : false;\n}\n\nconst camelToSnake = (key: string): string => key.replace(/[A-Z]/g, (c) => `_${c.toLowerCase()}`);\nconst snakeToCamel = (key: string): string => key.replace(/_([a-z])/g, (_, c: string) => c.toUpperCase());\n\n// Keys whose VALUES are opaque user/tool data: arbitrary metadata, JSON-schema tool\n// parameters, and tool-call arguments. Their nested keys must reach the API byte-for-byte,\n// so we rename the key itself (identity for these single words) but never recurse into them.\nconst OPAQUE_KEYS = new Set([\"metadata\", \"parameters\", \"arguments\"]);\n\n/**\n * Deep-convert object keys, dropping `undefined` values. Arrays/primitives pass through.\n * Values under {@link OPAQUE_KEYS} are copied verbatim so customer-defined keys survive.\n */\nfunction convertKeys(value: unknown, convert: (k: string) => string): unknown {\n if (Array.isArray(value)) return value.map((v) => convertKeys(v, convert));\n if (value && typeof value === \"object\") {\n const out: Record<string, unknown> = {};\n for (const [k, v] of Object.entries(value)) {\n if (v === undefined) continue;\n out[convert(k)] = OPAQUE_KEYS.has(k) ? v : convertKeys(v, convert);\n }\n return out;\n }\n return value;\n}\n\nexport class RogueClient {\n private readonly apiKey: string;\n private readonly baseUrl: string;\n private readonly timeoutMs: number;\n private readonly maxRetries: number;\n private readonly fetchFn: FetchFn;\n private readonly debug: DebugLogger;\n\n constructor(options: RogueClientOptions = {}) {\n const apiKey = options.apiKey ?? envVar(\"ROGUE_API_KEY\");\n if (!apiKey) {\n throw new RogueError(\n \"Missing API key. Pass { apiKey } or set the ROGUE_API_KEY environment variable.\",\n );\n }\n this.apiKey = apiKey;\n this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\\/$/, \"\");\n this.timeoutMs = options.timeoutMs ?? 30000;\n this.maxRetries = options.maxRetries ?? 2;\n if (options.fetch) {\n this.fetchFn = options.fetch;\n } else if (globalThis.fetch) {\n // Native fetch must be called with `this` === the global, or browsers/edge\n // runtimes throw \"Illegal invocation\". Bind it once here.\n this.fetchFn = globalThis.fetch.bind(globalThis);\n } else {\n throw new RogueError(\"No global fetch available. Pass a fetch implementation via { fetch }.\");\n }\n this.debug = new DebugLogger(resolveDebugMode(options.debug), options.logger ?? console);\n }\n\n /** Run an inline evaluation. At least one check must be enabled. */\n evaluate(params: EvaluateParams): Promise<EvaluationResponse> {\n return this.request(EVALUATE_PATH, params);\n }\n\n /** Run a saved guardrail's evaluation by id. */\n invoke(params: InvokeParams): Promise<EvaluationResponse> {\n return this.request(INVOKE_PATH, params);\n }\n\n private request(path: string, params: object): Promise<EvaluationResponse> {\n const url = `${this.baseUrl}${path}`;\n const body = JSON.stringify(convertKeys(params, camelToSnake));\n const headers = {\n \"content-type\": \"application/json\",\n \"x-rogue-api-key\": this.apiKey,\n };\n\n // async-retry: throw to retry (transient), bail() to stop (deterministic 4xx).\n return retry<EvaluationResponse>(\n async (bail, attemptNumber) => {\n const attempt = attemptNumber - 1; // async-retry counts from 1\n const started = Date.now();\n if (this.debug.enabled) {\n this.debug.log(\"request\", {\n method: \"POST\",\n url,\n attempt,\n headers: redactHeaders(headers),\n ...(this.debug.verbose ? { body } : {}),\n });\n }\n\n let res: Response;\n try {\n res = await this.fetchWithTimeout(url, { method: \"POST\", headers, body });\n } catch (err) {\n // Transport faults (timeout/connection) are retryable: throw to retry.\n const transportErr = this.toTransportError(err);\n this.debug.log(\"transport-error\", { attempt, message: transportErr.message });\n throw transportErr;\n }\n\n this.debug.log(\"response\", { status: res.status, latencyMs: Date.now() - started, attempt });\n\n if (res.ok) {\n const json = await res.json();\n return convertKeys(json, snakeToCamel) as EvaluationResponse;\n }\n\n const err = await errorFromResponse(res);\n // Retry only transient server / rate-limit failures; 4xx are deterministic.\n if (res.status === 429 || res.status >= 500) throw err;\n bail(err);\n throw err; // unreachable after bail(); satisfies the type checker\n },\n {\n retries: this.maxRetries,\n factor: 2,\n minTimeout: 200,\n maxTimeout: 5000,\n randomize: true,\n },\n );\n }\n\n private async fetchWithTimeout(url: string, init: RequestInit): Promise<Response> {\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), this.timeoutMs);\n try {\n return await this.fetchFn(url, { ...init, signal: controller.signal });\n } finally {\n clearTimeout(timer);\n }\n }\n\n private toTransportError(err: unknown): RogueError {\n const isAbort = err instanceof Error && err.name === \"AbortError\";\n if (isAbort) {\n return new RogueTimeoutError(`Request timed out after ${this.timeoutMs}ms`, { cause: err });\n }\n const message = err instanceof Error ? err.message : \"Network request failed\";\n return new RogueConnectionError(message, { cause: err });\n }\n}\n","/** Base class for every error thrown by the SDK. Catch this to handle them all. */\nexport class RogueError extends Error {\n /** HTTP status, or null for transport-level failures (timeout, connection). */\n readonly status: number | null;\n /** Parsed response body, when one was received. */\n readonly body: unknown;\n /** Value of the `x-request-id` response header, when present. */\n readonly requestId?: string;\n\n constructor(\n message: string,\n opts: { status?: number | null; body?: unknown; requestId?: string; cause?: unknown } = {},\n ) {\n super(message, opts.cause !== undefined ? { cause: opts.cause } : undefined);\n this.name = this.constructor.name;\n this.status = opts.status ?? null;\n this.body = opts.body;\n this.requestId = opts.requestId;\n }\n}\n\n/** 401 — missing or invalid API key. */\nexport class RogueAuthError extends RogueError {}\n/** 404 — guardrail / evaluation not found (invoke). */\nexport class RogueNotFoundError extends RogueError {}\n/** 422 — invalid request (e.g. no checks enabled). */\nexport class RogueValidationError extends RogueError {}\n/** 5xx — server-side failure. Retried automatically up to maxRetries. */\nexport class RogueServerError extends RogueError {}\n/** Request exceeded the configured timeout. */\nexport class RogueTimeoutError extends RogueError {}\n/** Network-level failure (DNS, connection refused, etc.). */\nexport class RogueConnectionError extends RogueError {}\n\n/** Build the right error subclass from a non-2xx response. */\nexport async function errorFromResponse(res: Response): Promise<RogueError> {\n const requestId = res.headers.get(\"x-request-id\") ?? undefined;\n let body: unknown;\n let message = `Rogue API error (status ${res.status})`;\n try {\n body = await res.json();\n if (body && typeof body === \"object\" && \"error\" in body && typeof body.error === \"string\") {\n message = body.error;\n }\n } catch {\n // Non-JSON body; keep the default message.\n }\n const opts = { status: res.status, body, requestId };\n if (res.status === 401) return new RogueAuthError(message, opts);\n if (res.status === 404) return new RogueNotFoundError(message, opts);\n if (res.status === 422) return new RogueValidationError(message, opts);\n if (res.status >= 500) return new RogueServerError(message, opts);\n return new RogueError(message, opts);\n}\n","/** Minimal pluggable logger. `console` satisfies this. */\nexport interface Logger {\n debug(message: string, ...args: unknown[]): void;\n}\n\nexport type DebugMode = boolean | \"verbose\";\n\nconst API_KEY_HEADER = \"x-rogue-api-key\";\n\n/** Mask the API key so it never lands in logs. */\nexport function redactHeaders(headers: Record<string, string>): Record<string, string> {\n const out: Record<string, string> = {};\n for (const [k, v] of Object.entries(headers)) {\n out[k] = k.toLowerCase() === API_KEY_HEADER ? \"***\" : v;\n }\n return out;\n}\n\nexport class DebugLogger {\n constructor(\n private readonly mode: DebugMode,\n private readonly logger: Logger,\n ) {}\n\n get enabled(): boolean {\n return this.mode !== false;\n }\n\n get verbose(): boolean {\n return this.mode === \"verbose\";\n }\n\n log(message: string, fields: Record<string, unknown>): void {\n if (this.enabled) this.logger.debug(`[rogue] ${message}`, fields);\n }\n}\n"],"mappings":";AAAA,OAAO,WAAW;;;ACCX,IAAM,aAAN,cAAyB,MAAM;AAAA;AAAA,EAE3B;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA,EAET,YACE,SACA,OAAwF,CAAC,GACzF;AACA,UAAM,SAAS,KAAK,UAAU,SAAY,EAAE,OAAO,KAAK,MAAM,IAAI,MAAS;AAC3E,SAAK,OAAO,KAAK,YAAY;AAC7B,SAAK,SAAS,KAAK,UAAU;AAC7B,SAAK,OAAO,KAAK;AACjB,SAAK,YAAY,KAAK;AAAA,EACxB;AACF;AAGO,IAAM,iBAAN,cAA6B,WAAW;AAAC;AAEzC,IAAM,qBAAN,cAAiC,WAAW;AAAC;AAE7C,IAAM,uBAAN,cAAmC,WAAW;AAAC;AAE/C,IAAM,mBAAN,cAA+B,WAAW;AAAC;AAE3C,IAAM,oBAAN,cAAgC,WAAW;AAAC;AAE5C,IAAM,uBAAN,cAAmC,WAAW;AAAC;AAGtD,eAAsB,kBAAkB,KAAoC;AAC1E,QAAM,YAAY,IAAI,QAAQ,IAAI,cAAc,KAAK;AACrD,MAAI;AACJ,MAAI,UAAU,2BAA2B,IAAI,MAAM;AACnD,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AACtB,QAAI,QAAQ,OAAO,SAAS,YAAY,WAAW,QAAQ,OAAO,KAAK,UAAU,UAAU;AACzF,gBAAU,KAAK;AAAA,IACjB;AAAA,EACF,QAAQ;AAAA,EAER;AACA,QAAM,OAAO,EAAE,QAAQ,IAAI,QAAQ,MAAM,UAAU;AACnD,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,eAAe,SAAS,IAAI;AAC/D,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,mBAAmB,SAAS,IAAI;AACnE,MAAI,IAAI,WAAW,IAAK,QAAO,IAAI,qBAAqB,SAAS,IAAI;AACrE,MAAI,IAAI,UAAU,IAAK,QAAO,IAAI,iBAAiB,SAAS,IAAI;AAChE,SAAO,IAAI,WAAW,SAAS,IAAI;AACrC;;;AC9CA,IAAM,iBAAiB;AAGhB,SAAS,cAAc,SAAyD;AACrF,QAAM,MAA8B,CAAC;AACrC,aAAW,CAAC,GAAG,CAAC,KAAK,OAAO,QAAQ,OAAO,GAAG;AAC5C,QAAI,CAAC,IAAI,EAAE,YAAY,MAAM,iBAAiB,QAAQ;AAAA,EACxD;AACA,SAAO;AACT;AAEO,IAAM,cAAN,MAAkB;AAAA,EACvB,YACmB,MACA,QACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAFgB;AAAA,EACA;AAAA,EAGnB,IAAI,UAAmB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,IAAI,UAAmB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,IAAI,SAAiB,QAAuC;AAC1D,QAAI,KAAK,QAAS,MAAK,OAAO,MAAM,WAAW,OAAO,IAAI,MAAM;AAAA,EAClE;AACF;;;AFxBA,IAAM,mBAAmB;AACzB,IAAM,gBAAgB;AACtB,IAAM,cAAc;AAqBpB,SAAS,OAAO,MAAkC;AAEhD,SAAO,OAAO,YAAY,cAAc,QAAQ,MAAM,IAAI,IAAI;AAChE;AAEA,SAAS,iBAAiB,QAA0C;AAClE,MAAI,WAAW,OAAW,QAAO;AACjC,QAAM,MAAM,OAAO,aAAa;AAChC,MAAI,QAAQ,UAAW,QAAO;AAC9B,SAAO,MAAM,OAAO;AACtB;AAEA,IAAM,eAAe,CAAC,QAAwB,IAAI,QAAQ,UAAU,CAAC,MAAM,IAAI,EAAE,YAAY,CAAC,EAAE;AAChG,IAAM,eAAe,CAAC,QAAwB,IAAI,QAAQ,aAAa,CAAC,GAAG,MAAc,EAAE,YAAY,CAAC;AAKxG,IAAM,cAAc,oBAAI,IAAI,CAAC,YAAY,cAAc,WAAW,CAAC;AAMnE,SAAS,YAAY,OAAgB,SAAyC;AAC5E,MAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,MAAM,YAAY,GAAG,OAAO,CAAC;AACzE,MAAI,SAAS,OAAO,UAAU,UAAU;AACtC,UAAM,MAA+B,CAAC;AACtC,eAAW,CAAC,GAAG,CAAC,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC1C,UAAI,MAAM,OAAW;AACrB,UAAI,QAAQ,CAAC,CAAC,IAAI,YAAY,IAAI,CAAC,IAAI,IAAI,YAAY,GAAG,OAAO;AAAA,IACnE;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEO,IAAM,cAAN,MAAkB;AAAA,EACN;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,UAA8B,CAAC,GAAG;AAC5C,UAAM,SAAS,QAAQ,UAAU,OAAO,eAAe;AACvD,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,SAAK,SAAS;AACd,SAAK,WAAW,QAAQ,WAAW,kBAAkB,QAAQ,OAAO,EAAE;AACtE,SAAK,YAAY,QAAQ,aAAa;AACtC,SAAK,aAAa,QAAQ,cAAc;AACxC,QAAI,QAAQ,OAAO;AACjB,WAAK,UAAU,QAAQ;AAAA,IACzB,WAAW,WAAW,OAAO;AAG3B,WAAK,UAAU,WAAW,MAAM,KAAK,UAAU;AAAA,IACjD,OAAO;AACL,YAAM,IAAI,WAAW,uEAAuE;AAAA,IAC9F;AACA,SAAK,QAAQ,IAAI,YAAY,iBAAiB,QAAQ,KAAK,GAAG,QAAQ,UAAU,OAAO;AAAA,EACzF;AAAA;AAAA,EAGA,SAAS,QAAqD;AAC5D,WAAO,KAAK,QAAQ,eAAe,MAAM;AAAA,EAC3C;AAAA;AAAA,EAGA,OAAO,QAAmD;AACxD,WAAO,KAAK,QAAQ,aAAa,MAAM;AAAA,EACzC;AAAA,EAEQ,QAAQ,MAAc,QAA6C;AACzE,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI;AAClC,UAAM,OAAO,KAAK,UAAU,YAAY,QAAQ,YAAY,CAAC;AAC7D,UAAM,UAAU;AAAA,MACd,gBAAgB;AAAA,MAChB,mBAAmB,KAAK;AAAA,IAC1B;AAGA,WAAO;AAAA,MACL,OAAO,MAAM,kBAAkB;AAC7B,cAAM,UAAU,gBAAgB;AAChC,cAAM,UAAU,KAAK,IAAI;AACzB,YAAI,KAAK,MAAM,SAAS;AACtB,eAAK,MAAM,IAAI,WAAW;AAAA,YACxB,QAAQ;AAAA,YACR;AAAA,YACA;AAAA,YACA,SAAS,cAAc,OAAO;AAAA,YAC9B,GAAI,KAAK,MAAM,UAAU,EAAE,KAAK,IAAI,CAAC;AAAA,UACvC,CAAC;AAAA,QACH;AAEA,YAAI;AACJ,YAAI;AACF,gBAAM,MAAM,KAAK,iBAAiB,KAAK,EAAE,QAAQ,QAAQ,SAAS,KAAK,CAAC;AAAA,QAC1E,SAASA,MAAK;AAEZ,gBAAM,eAAe,KAAK,iBAAiBA,IAAG;AAC9C,eAAK,MAAM,IAAI,mBAAmB,EAAE,SAAS,SAAS,aAAa,QAAQ,CAAC;AAC5E,gBAAM;AAAA,QACR;AAEA,aAAK,MAAM,IAAI,YAAY,EAAE,QAAQ,IAAI,QAAQ,WAAW,KAAK,IAAI,IAAI,SAAS,QAAQ,CAAC;AAE3F,YAAI,IAAI,IAAI;AACV,gBAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,iBAAO,YAAY,MAAM,YAAY;AAAA,QACvC;AAEA,cAAM,MAAM,MAAM,kBAAkB,GAAG;AAEvC,YAAI,IAAI,WAAW,OAAO,IAAI,UAAU,IAAK,OAAM;AACnD,aAAK,GAAG;AACR,cAAM;AAAA,MACR;AAAA,MACA;AAAA,QACE,SAAS,KAAK;AAAA,QACd,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,YAAY;AAAA,QACZ,WAAW;AAAA,MACb;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,KAAa,MAAsC;AAChF,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,SAAS;AACjE,QAAI;AACF,aAAO,MAAM,KAAK,QAAQ,KAAK,EAAE,GAAG,MAAM,QAAQ,WAAW,OAAO,CAAC;AAAA,IACvE,UAAE;AACA,mBAAa,KAAK;AAAA,IACpB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,UAAU,eAAe,SAAS,IAAI,SAAS;AACrD,QAAI,SAAS;AACX,aAAO,IAAI,kBAAkB,2BAA2B,KAAK,SAAS,MAAM,EAAE,OAAO,IAAI,CAAC;AAAA,IAC5F;AACA,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,WAAO,IAAI,qBAAqB,SAAS,EAAE,OAAO,IAAI,CAAC;AAAA,EACzD;AACF;","names":["err"]}

package/package.json ADDED Viewed

@@ -0,0 +1,58 @@
+{
+  "name": "@rogue-security/sdk",
+  "version": "1.0.0",
+  "description": "Official TypeScript SDK for the Rogue Security AppSec evaluation API.",
+  "license": "UNLICENSED",
+  "author": "Rogue Security <team@rogue.security>",
+  "homepage": "https://github.com/qualifire-dev/qualifire/tree/main/sdks/typescript",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/qualifire-dev/qualifire.git",
+    "directory": "sdks/typescript"
+  },
+  "keywords": [
+    "rogue",
+    "rogue-security",
+    "ai-security",
+    "guardrails",
+    "llm",
+    "appsec",
+    "evaluation"
+  ],
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "build": "tsup",
+    "type:check": "tsc --noEmit",
+    "test": "vitest run"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "async-retry": "^1.3.3"
+  },
+  "devDependencies": {
+    "@types/async-retry": "^1.4.9",
+    "@types/node": "^20.0.0",
+    "tsup": "^8.3.0",
+    "typescript": "^5.6.0",
+    "vitest": "^2.1.0"
+  }
+}